Tenth International Workshop on Formal Methods for Industrial
Critical Systems

(FMICS 05)

Scope of the workshop

The aim of the FMICS
workshop series, which is celebrating its tenth issue, is to provide
a forum for researchers who are interested in the development and application
of formal methods in industry. In particular, these workshops are
intended to bring together scientists and practitioners who are active
in the area of formal methods and interested in exchanging their experiences
in the industrial usage of these methods. These workshops also strive
to promote research and development for the improvement of formal methods
and tools for industrial applications.

Special event celebrating FMICS's 10th Anniversary

"Ten Commandments Revisited"
A Ten-Year Perspective on the Industrial Application of Formal Methods

Presented by:

Jonathan P. Bowen
London South Bank University
UK

and

Michael G. Hinchey
NASA Goddard Space Flight Center
Greenbelt, MD
USA

Ten years ago, our paper Ten Commandments
of Formal Methods suggested some guidelines to help ensure the success
of a formal methods project. It proposed ten important requirements (or
“commandments”) for formal developers to consider and follow, based on our
knowledge of several industrial application success stories, most of which
were reported in more detail in [M.G. Hinchey and J.P. Bowen, editors, Applications
of Formal Methods, Prentice Hall International Series in Computer Science,
Hemel Hempstead, 1995.] and [M.G. Hinchey and J.P. Bowen, editors, Industrial-Strength
Formal Methods in Practice, Springer, FACIT series, London, 1999.].
The paper was surprisingly popular, is still widely referenced, and used
as required reading in a number of formal methods courses.
However, not all have agreed with some of our commandments, feeling that
they may not be valid in the long-term.
We re-examine the original commandments ten years on, and
consider their validity in the light of a further decade of industrial best
practice and experiences.

Invited speakers

"The experience of ATX
with the application of formal/rigorous
techniques and methods in real projects"

Abstract:
ATX offers an integrated set of architectural and re-engineering technologies
that, through methods and tools tested in large critical projects, can support
long-term strategies of transitioning legacy business functions to core agile
services that can sustain crucial competitiveness in the volatile markets
of today. Such strategies are being pursued by an increasing number of major
IT consumers such as financial institutions, telecoms, and public administration,
in response to the need to operate, as first-class players, in the e-Economy.
The fact that the systems in place at these organizations still run on legacy
technology (e.g. COBOL) has created the need for re-engineering and enterprise
integration technologies.

The solutions that are currently in place are typical based on: internal,
labour-intensive migration with low-productivity, high costs and risk or
expensive outsourcing to consultancy companies currently using shallow tactical
and generalist approaches.
In both cases, these attempts at re-engineering systems are just addressing
short-term needs, leading rapidly to a new generation of legacy.

ATX has been working in the architectural structures that can make systems
agile and reactive to the way the target business domain will change.
Our re-engineering methods and technologies go well beyond the revamping
of code. They are based on rigorous and well-established techniques that
allow the re-engineering to operate at the level of the business logic and,
therefore, align the system architecture with the way markets evolve.

The architectural approach that we will be describing is based on the crucial
separation of concerns between: Computation, Coordination, and Configuration.
This separation needs to be supported at two different levels. On the one
hand, through semantic primitives that address the "business architecture",
i.e. the means that need to be provided for modeling business entities (Computation),
the business rules that determine how the entities can interact (Coordination),
and the business contexts through which specific rules can be superposed,
at run-time, to specific entities (Configuration).

Abstract:A wide range of coordination protocols for distributed systems, internet
protocols or systems with unreliable components can formally be modelled
by Markov decision processes (MDP). MDPs can be viewed as a variant of state-transition
diagrams with discrete probabilities and nondeterminism. While traditional
model checking techniques for non-probabilistic systems aims to establish
properties stating that all (or some) computations fulfill a certain condition,
the verification problem for randomized systems requires reasoning about
the quantitative behavior by means of properties that refer to the probabilities
for certain computations, for instance, the probability to find a leader
within 5 rounds, to deliver a message within 3 attempts along an unreliable
channel or the probability for not reaching an error state.

The talk will start with a brief introduction into modelling randomized
systems with MDPs and the modelling language ProbMela which is a guarded command
language with features of imperative languages, nondeterminism, parallelism,
a probabilistic choice operator and lossy channels. The second part of the
talk will summarize the main steps for a quantitative analysis of MDP for
given temporal logical specifications. The last part will report on the
main features of the partial order reduction approach for MDPs and its
implementation in the model checker LiQuor.

In case of acceptance of a paper at least one author must present the
contribution at the workshop, otherwise it will be removed from the
list of publications.

Please submit your paper electronically via the FMICS05
Conference Service . For further information or any problems with
the service please contact us at: fmics05-chairs followed by "at"
followed by isti.cnr.it.

Best paper award

Venue

FMICS 05 will take place at the Campolide campus of the
New University of Lisbon, Portugal, September 2005, as a co-located
workshop of ESEC/FSE 2005,
the fifth joint meeting of the European Software Engineering Conference
and ACM SIGSOFT Symposium on the Foundations of Software Engineering.